{
  "pathFilter": {
    "deniedPaths" : [
      { "path": "/api/engine/.*", "methods" : "*" },
      { "path": "/api/cockpit/.*", "methods" : "*" },
      { "path": "/api/tasklist/.*", "methods" : "*" },
      { "path": "/api/admin/.*", "methods" : "*" },
      { "path": "/app/tasklist/{engine}/.*", "methods" : "*" },
      { "path": "/app/cockpit/{engine}/.*", "methods" : "*" },
      { "path": "/app/welcome/{engine}/.*", "methods" : "*" },
      { "path": "/app/admin/{engine}/.*", "methods" : "*" }
    ],
    "allowedPaths" : [
      { "path": "/api/engine/engine/", "methods" : "GET" },
      { "path": "/api/{app:cockpit}/plugin/{plugin}/static/.*", "methods" : "GET" },
      { "path": "/api/{app:cockpit}/plugin/{plugin}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer" },
      { "path": "/api/engine/engine/{engine}/identity/password-policy", "methods" : "GET" },
      { "path": "/api/engine/engine/{engine}/identity/password-policy", "methods" : "POST" },
      { "path": "/api/admin/auth/user/{engine}", "methods" : "GET" },
      { "path": "/api/admin/auth/user/{engine}/logout", "methods" : "POST" },
      { "path": "/api/admin/auth/user/{engine}/login/{app}", "methods" : "POST" },
      { "path": "/api/admin/auth/user/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer" },
      { "path": "/api/admin/setup/{engine}/user/create", "methods" : "POST" },
      { "path": "/api/admin/setup/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer" },
      { "path": "/api/{app:admin}/plugin/license/{engine}/check-key", "methods" : "GET" },
      { "path": "/api/{app:admin}/plugin/{plugin}/static/.*", "methods" : "GET" },
      { "path": "/api/{app:admin}/plugin/{plugin}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer" },
      { "path": "/api/{app:tasklist}/plugin/{plugin}/static/.*", "methods" : "GET" },
      { "path": "/api/{app:tasklist}/plugin/{plugin}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer" },
      { "path": "/api/engine/engine/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer" },
      { "path": "/app/{app:cockpit}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.ApplicationRequestAuthorizer" },
      { "path": "/app/{app:tasklist}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.ApplicationRequestAuthorizer" },
      { "path": "/app/{app:welcome}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.ApplicationRequestAuthorizer" },
      { "path": "/app/{app:admin}/{engine}/.*", "methods" : "*", "authorizer" : "org.camunda.bpm.webapp.impl.security.filter.ApplicationRequestAuthorizer" }
    ]
  }
}
